CVE-2025-32901
MEDIUMKDEConnect < 1.33.0 - Denial of Service via Malicious Device ID
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-32901. PoCs published by randshell.
AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-32901, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.
Description
In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause an application crash.
Exploits (1)
This repository contains a functional exploit PoC for CVE-2025-32901, targeting KDE Connect via crafted UDP identity packets. The script demonstrates multiple attack vectors including device spoofing, DoS, and information leakage by manipulating device identity data.
References (2)
Scores
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L